economic espionage – Techdirt (original) (raw)

Stories filed under: "economic espionage"

Wikileaks Latest Info-Dump Shows, Again, That The NSA Indeed Engages In Economic Espionage Against Allies

from the with-friends-like-these dept

With all the revelations that have come out about the NSA and our foreign and domestic spy programs, it can, at times, become difficult to parse out exactly what we’re supposed to be getting pissed off about and what is the exact kind of spy-work we ought to expect the alphabet agencies to conduct. Some of the groups that are involved in getting these revelations out there don’t make it much easier, of course. Take as an example the latest Wikileaks info-dump, which chiefly concerns the NSA’s spy program against our ally Japan. From the press release accompanying the documents:

Today, Friday 31 July 2015, 9am CEST, WikiLeaks publishes “Target Tokyo”, 35 Top Secret NSA targets in Japan including the Japanese cabinet and Japanese companies such as Mitsubishi, together with intercepts relating to US-Japan relations, trade negotiations and sensitive climate change strategy. The list indicates that NSA spying on Japanese conglomerates, government officials, ministries and senior advisers extends back at least as far as the first administration of Prime Minister Shinzo Abe, which lasted from September 2006 until September 2007. The telephone interception target list includes the switchboard for the Japanese Cabinet Office; the executive secretary to the Chief Cabinet Secretary Yoshihide Suga; a line described as “Government VIP Line”; numerous officials within the Japanese Central Bank, including Governor Haruhiko Kuroda; the home phone number of at least one Central Bank official; numerous numbers within the Japanese Finance Ministry; the Japanese Minister for Economy, Trade and Industry Yoichi Miyazawa; the Natural Gas Division of Mitsubishi; and the Petroleum Division of Mitsui.

Now, what Wikileaks is doing is mashing together the NSA spying on the Japanese government, our ally, with Japanese industry. That’s silly, in my estimation. In fact, much of the hand-wringing that goes on about our spy networks spying on allies seems naive in the extreme, as if to suggest that our closest allies aren’t conducting similar spy programs on our government. You can insist, if you like, that America should not be spying on her allies, but then I get to insist that you grow up, because that’s exactly the kind of work you want the NSA doing.

But on the economic side, things get a little murkier. The NSA has insisted for years that the agency does not engage in economic espionage, actions which would put it out of the norm for how we treat our allies. It’s also been clear for some time that the NSA is full of crap in this regard. This latest Wikileaks dump fleshes out just how much economic espionage we do against our allies, even very close allies like Japan.

The documents demonstrate intimate knowledge of internal Japanese deliberations on such issues as: agricultural imports and trade disputes; negotiating positions in the Doha Round of the World Trade Organization; Japanese technical development plans, climate change policy, nuclear and energy policy and carbon emissions schemes; correspondence with international bodies such as the International Energy Agency (IEA); strategy planning and draft talking points memoranda concerning the management of diplomatic relations with the United States and the European Union; and the content of a confidential Prime Ministerial briefing that took place at Shinzo Abe’s official residence.

It’s just more egg on the face of government and security officials who have claimed to have kept their hands clean of economic espionage. There’s sure to be more of interest in the documents as they get parsed out, but if nothing else we can be reminded that the NSA is a spy agency and that its officials have been caught lying over and over again.

Filed Under: economic espionage, espionage, japan, nsa, surveillance, trade deals

NSA — Despite Claiming It Doesn't Engage In Economic Espionage — Engaged In Economic Espionage

from the oh-look-at-that dept

The NSA has long claimed that it does not engage in “economic espionage.” NSA and Defense Department officials have repeatedly insisted that while they do lots of other things, economic espionage is not on the list:

?The Department of Defense does engage? in computer network exploitation, according to an e-mailed statement from an NSA spokesman, whose agency is part of the Defense Department. ?The department does ***not*** engage in economic espionage in any domain, including cyber.?

These claims are made in a strange attempt to suggest that the NSA is somehow “better” than those like the Chinese, who absolutely do engage in economic espionage, looking for corporate secrets and the like. Of course, it’s not entirely clear why not engaging in economic espionage is such an important moral argument for the NSA — but, at the very least, the agency claims it has its limits.

Of course, it’s already been pretty clear that this was more hot air than reality from the NSA anyway. Soon after the first Snowden leaks came out, it was suggested that there was evidence of economic espionage against Germany. Later revelations showed what appears to be economic espionage in Brazil. And, on top of that, we wondered why the US Trade Rep is listed as a “customer” of NSA intelligence if it wasn’t doing economic espionage. Oh, and let’s not even mention that former CIA boss and Defense Secretary Robert Gates has admitted to trying to do economic espionage, but stopping because the US wasn’t very good at it.

Anyway, with all that it should be obvious that of course the NSA engages in economic espionage — but as if to highlight this even more strongly, Wikileaks has now released more documents showing pretty clear economic espionage in the form of snooping on French finance ministers, looking to get information on “French export contracts, trade and budget talks.”

As with the initial revelation that the NSA was spying on the French government, by itself, I don’t find this too concerning. Governments spying on other governments is kind of how it goes. But it is notable that there’s more evidence of economic espionage when the NSA is so insistent that it absolutely never engages in such tactics. It seems likely that the “out” the NSA would claim here is that it doesn’t do economic espionage in the form of spying on companies to try to get their secrets. But it does other forms of economic espionage by spying on government officials engaged in trade deals and such… That seems like a distinction without much meaning.

Filed Under: economic espionage, finance minister, france, nsa, surveillance, trade

Some Now Suggesting Cardinals Hack May Have Violated The Economic Espionage Act

from the uh-oh dept

After the revelation that the St. Louis Cardinals are being investigated by the FBI for hacking into the Houston Astros’ networks and grabbing a whole bunch of proprietary statistical and scouting data, much of the speculation centered around one or two rogue employees, who may have used old passwords to get into the Astros’ systems. Those systems had been set up by the Astros’ new GM, who was a former Cardinals employee and who presumably just reused his passwords. With that speculation in mind, the focus then turned to how the feds might look to use the CFAA to go after those employees for having committed a federal crime. All of that would be serious enough in and of itself, except some of the details coming out of the investigation and some of the expert opinions on which laws may be brought to bear are making all of this look much more serious than even most people’s first take.

Much of the speculation that only an employee or two will face punishment under the CFAA has taken the form of something like this, from Alexander Southwell, a cybersecurity expert for law firm Gibson Dunn.

Southwell said the most likely charge would involve violation of the federal Computer Fraud and Abuse Act. The Cardinals would be unlikely to face criminal charges unless it could be proven that the team, and not an employee or group of employees, was behind the act, Southwell said.

“The entity can’t be held responsible for the acts of rogue employees,” he said.

But not everyone agrees with that. Much in the way that Sarbanes-Oxley was constructed to keep high-level executives from shirking their responsibility for the actions of the businesses they oversee, there are laws on the books that could be used to go after the Cardinals’ leadership not only if they had direct knowledge of this alleged hack, but also if they should have known about it but didn’t. Serious negligence would have to be proven on the part of the higher-ups still, but the bar is lower. Here’s the take from Nathaniel Grow, an Assistant Professor of Legal Studies at the University of Georgia.

The alleged hacking may have also violated the Economic Espionage Act of 1996, which criminalizes the theft or misappropriation of trade secrets. The data allegedly accessed by the Cardinals would appear to satisfy the legal definition of a trade secret, which covers any information that provides a business with a competitive advantage over its competitors and is not generally known by the public (for example, the recipe for Coca-Cola). The Astros’ proprietary statistical analysis and internal scouting reports would almost certainly qualify as trade secrets under this definition. . . Under the EEA, anyone who steals, copies, or downloads someone else’s trade secret information without permission faces a monetary fine and possible jail sentence of up to 10 years in prison per offense.

Perhaps more significantly, however, the EEA would also potentially allow the government to charge the entire Cardinals organization with criminal activity. As Section (b) of the law provides, “Any organization that commits any offense described in subsection (a) shall be fined not more than $5,000,000.“ In order to charge the entire organization with criminal activity, however, prosecutors would likely have to show that high-level Cardinals executives were aware of the hacking, or at least should have known that it was going on. If that is the case, then the entire team could face criminal prosecution. But if the hacking were simply carried out by a few lower-level team officials, without the knowledge of any higher-ups, then any organization-wide criminal case would be unlikely.

Complicating all of this further is the combination of Major League Baseball’s antitrust status, which in part hinges on the notion that MLB acts as an umbrella organization under which the franchises operate. One of the questions that’s been raised is whether or not the EEA could be invoked in this situation due to that organizational architecture. After all, two different people might own McDonald’s franchises, but it would hardly make sense if one sued the other for stealing “trade secrets” when they’re both McDonald’s. Are the two teams competitors or are they different entities within the same organization?

Either way, the more that comes out, the more it’s becoming clear that the FBI has someone or some people in the Cardinals organization dead to rights. The question is going to end up being how many are punished and under what laws they are prosecuted.

Filed Under: astros, cardinals, cfaa, criminal, economic espionage, trade secrets
Companies: houston astros, major league baseball, st. louis cardinals

New Intercept Leak Shows That Intelligence Agencies Are Ready And Willing To Perform Economic Espionage If US Tech Edge 'Slips'

from the altitude-of-high-road-rapidly-approaching-sea-level dept

The NSA has repeatedly assured the public that it definitely does not perform economic espionage. It may collect metadata and communications from around the world (including that of US citizens) and intercept shipments of computer hardware in order to install its own spying devices, but it doesn’t perform espionage in service of American corporate interests.

This was the small thing that set our intelligence agencies slightly above similar agencies in China. Last August, the ODNI (Jame Clapper’s office) sent this categorical denial to the Washington Post in response to leaked documents. (Emphasis in original.)

“The department does ***not*** engage in economic espionage in any domain, including cyber.”

And then the truth came rolling in, thanks to Snowden’s leaks.

After that categorical statement to the Post, the NSA was caught spying on plainly financial targets such as the Brazilian oil giant Petrobras; economic summits; international credit card and banking systems; the EU antitrust commissioner investigating Google, Microsoft, and Intel; and the International Monetary Fund and World Bank. In response, the U.S. modified its denial to acknowledge that it does engage in economic spying, but unlike China, the spying is never done to benefit American corporations.

A slight change in wording and the denial still holds. Or does it? The Intercept’s latest set of documents — issued by Clapper’s office — show the US government definitely has plans to do the one thing Clapper says we don’t: spy for the benefit of US corporations.

The document, the 2009 Quadrennial Intelligence Community Review—provided by NSA whistleblower Edward Snowden—is a fascinating window into the mindset of America’s spies as they identify future threats to the U.S. and lay out the actions the U.S. intelligence community should take in response…

According to this document, one of the threats that the government might call in the services of its intelligence agencies to handle is a slip in America’s “technological and innovative edge.” The appropriate response in the free world — especially a country that always tells its citizens they can achieve anything through hard work and determination — would be to allow the struggling corporations to solve their own problems. If it really needed to get involved, the government could take a close look to see if it was creating bottlenecks with iffy IP laws or its random blend of regulation and deregulation. Anything but take the easiest way out.

But if the American way of life (such as it were) is threatened in the future, Clapper’s office recommends letting the spies fix it.

The report recommends “a multi-pronged, systematic effort to gather open source and proprietary information through overt means, clandestine penetration (through physical and cyber means), and counterintelligence” (emphasis added). In particular, the DNI’s report envisions “cyber operations” to penetrate “covert centers of innovation” such as R&D facilities.

Cheat to win. And saying everyone else is doing it (even if they are) doesn’t do anything more than drag the US down to their level. One scenario included in the document posits Russia and India working together to outpace the US. At this point, the NSA and others would step in to perform cyber-espionage, hacking into the foreign research facilities and making off with proprietary data. The data collected would be (this is a direct quote)

…assesse[d] whether and how its findings would be useful to U.S. industry.

As is noted by Glenn Greenwald, there’s no indication the US has actually done this in the past. But it is a long-term document, meant to envision the intelligence agencies’ roles over the next 20 years. And one of those roles being discussed is stealing secrets to put US companies ahead.

Some may defend this as being a purely speculative document that details numerous what-if scenarios that will never be played out. But that defense is inadequate. The speculations aren’t tied to scenarios in which the US government shifts towards a more China-like role and gives up its ambitions of being the leader of the free world. In these scenarios, the United States is presumed to be doing business as a democratic republic — one that has often sought to rise above this sort of behavior.

The NSA has the capabilities to do many things, some of which remain unexplored (or at least unrevealed). This is one of them. The agency’s defenders have argued that it doesn’t abuse these powers, but its internal documents (along with statements from former NSA head Keith Alexander) that it will always “play to edges” of its confinements. This document shows it’s willing to step into this role if asked to. Or if it thinks it was asked to. Or it may perform this role proactively and ask forgiveness later.

The fact is that this scenario never should have been presented. It’s not that much different than using the threat of domestic terrorism as a what-if projection for unencumbered harvesting of US citizens’ communications. There are lines you don’t cross — not in this nation — even hypothetically. Corporate espionage is one of them. Especially when the US Attorney General is handing out indictments for corporate espionage by the Chinese.

Nothing may ever come of this. But it’s important for the world to know that offer is on the table.

Filed Under: economic espionage, intelligence community, james clapper, lies, nsa, odni, surveillance

Former CIA Director And Defense Secretary Says CIA Tried, But Failed, To Do Economic Espionage

from the this-doesn't-make-the-us-look-any-better dept

US intelligence officials still seem to think that there’s some big distinction between the kind of intelligence work the US does versus the kind that other countries do. US officials time and time again claim that they don’t do “economic espionage” — even though it’s pretty clear that they do it, just through indirect means (i.e., while they don’t hand trade secrets over to companies, they’re certainly using economic information to impact policy and trade discussions).

Former Defense Secretary and CIA boss Robert Gates continued this sort of tone deaf line of thinking from US intelligence defenders by claiming that French intelligence downloads the contents of laptops from businessmen visiting Paris:

“There are probably a dozen or 15 countries that steal our technology in this way,” Gates said in an interview the Council on Foreign Relations posted online Thursday. “In terms of the most capable, next to the Chinese, are the French — and they’ve been doing it a long time.”

Gates, who was also director of the Central Intelligence Agency in the first Bush administration, said that when he talks to business audiences, he asks, “How many of you go to Paris on business?’ Hands go up. ‘How many of you take your laptops?’ Hands go up. ‘How many of you take your laptops to dinner?’ Not very many hands.”

“For years,” Gates said, “French intelligence services have been breaking into the hotel rooms of American businessmen and surreptitiously downloading their laptops, if they felt those laptops had technological information or competitive information that would be useful for French companies. France has been a mercantilist country — the government and business have operated hand in hand — since the time of Louis XIV.”

Throwing everyone else under the bus does nothing to make the US and the NSA’s activities any better, and it’s bizarre that intelligence officials seem to think they have the moral upper hand here. Almost no one sees it that way. They just look petty.

Even more bizarre: for all of Gates’ talk about how the US doesn’t do economic espionage… he then basically admits that he tried to do exactly that and failed:

But despite his attempt to work with, in his words, five or six commerce secretaries, “I never could get one of them interested in being the facilitator of getting that kind of CIA information to American companies. So this is something we don’t do.”

Uh… he says “this is something we don’t do” while admitting that he tried to do exactly that. He was just stymied by whoever was Commerce Secretary. If a more… permissive Commerce Secretary were in the job, it would be a very different story, now wouldn’t it? In fact, this is a pretty major admission. For all the talk of “we don’t do that,” what Gates really means is “we tried to do economic espionage, and we would do economic espionage, if we could.”

Suddenly, the moral high road doesn’t look so high.

Filed Under: cia, economic espionage, france, nsa, surveillance, us

Irony Alert: US Filing Criminal Charges Against China For Cyberspying

from the hey,-look-over-there! dept

Even as more and more examples of questionable surveillance by the US government are revealed, the US is apparently still trying its “hey, look over there!” strategy in response. This morning, Attorney General Eric Holder is announcing that the US has filed meaningless criminal charges against members of the Chinese military for economic espionage done via the internet.

Of course, there’s no chance of any actual prosecution happening here. If anything this is all just a bit of diplomatic showmanship. In fact, I wouldn’t be surprised to quickly see China respond in kind with “criminal charges” being announced against folks from the NSA for the various spying that they’ve done on China. US officials will, as they always do, insist that what the People’s Liberation Army does is “different” because it’s economic espionage, in which the Chinese army breaks into networks from certain industries and companies, and shares the details with Chinese companies. The US does not appear to do the same thing directly, though there are indications of indirect economic espionage (i.e., spying on companies to then inform general US policy that might help US companies). The Chinese have (quite reasonably) questioned how there’s a legitimate distinction between the different kinds of espionage.

Either way, at a time when the US is under intense scrutiny for its questionable espionage efforts, including installing backdoors into US networking equipment (which is what they’ve accused the Chinese of doing repeatedly, despite no actual evidence), filing criminal charges against the Chinese for cyberspying… just looks really sad. It stinks of hypocrisy.

Filed Under: china, cyberspying, doj, economic espionage, eric holder, espionage, nsa, spying, surveillance

Leak Shows NSA Breached Huawei's Internal Servers, Grabbed Executive Emails And Source Code

from the corporate-surveillance dept

Over the weekend, Der Spiegel and the New York Times published another leaked document, this one detailing the NSA’s breach of Huawei’s servers. The end game, however, seems to be less targeted at monitoring the company for its supposed spying efforts (via its hardware) than to install NSA backdoors in hardware used by countries that would prefer not to “buy American.”

The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to N.S.A. documents provided by the former contractor Edward J. Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect a third of the world’s population, and monitored communications of the company’s top executives.

One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawei and the People’s Liberation Army, one 2010 document made clear. But the plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the N.S.A. could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.

Much of this is unsurprising. The government has long held (even though it has failed to produce any proof) that Huawei is used by the Chinese government to spy on other countries via subverted hardware, so it would make sense for the NSA to have the company under surveillance. But what’s happening here seems to exceed the bounds of defensive surveillance and head into corporate espionage territory.

As Karl Bode pointed out in an earlier story about the US government warning Americans away from Huawei network equipment, many of the Huawei spying allegations can be traced back to its main competitor, Cisco. Marcy Wheeler at emptywheel sees the NSA’s Huawei spying as little more than a way for it to protect some of its main collection points.

[T]he articles make it clear that 3 years after they started this targeted program, SHOTGIANT, and at least a year after they gained access to the emails of Huawei’s CEO and Chair, NSA still had no evidence that Huawei is just a tool of the People’s Liberation Army, as the US government had been claiming before and since. Perhaps they’ve found evidence in the interim, but they hadn’t as recently as 2010.

Nevertheless the NSA still managed to steal Huawei’s source code. Not just so it could more easily spy on people who exclusively use Huawei’s networks. But also, it seems clear, in an attempt to prevent Huawei from winning even more business away from Cisco.

I suspect we’ll learn far more on Monday. But for now, we know that even the White House got involved in an operation targeting a company that threatens our hegemony on telecom backbones.

If there’s been no evidence uncovered that Huawei equipment is being deployed with Chinese government-friendly backdoors, then the NSA is engaged in self-serving corporate espionage, one that keeps Cisco — and consequently, the NSA — in wide circulation.

Even if you believe this is exactly the sort of thing our intelligence agencies should be doing, it’s hard to ignore the inherent hypocrisy of the government’s words and actions. Even Jack Goldsmith, who has previously argued that the US needs an “invasive NSA,” had this to say about the latest leak.

The Huawei revelations are devastating rebuttals to hypocritical U.S. complaints about Chinese penetration of U.S. networks, and also make USG protestations about not stealing intellectual property to help U.S. firms’ competitiveness seem like the self-serving hairsplitting that it is.

While the revelations that the NSA is surveilling a foreign company deemed untrustworthy by government officials are hardly surprising, the whole situation is tainted by the US government’s hardline against Huawei. Many accusations have surfaced over the last decade but have remained unproven, even as the US government has locked Huawei out of domestic contracts and persuaded other countries to seek different vendors. This isn’t passive monitoring being deployed to detect threats. This is an active invasion of a private company’s internal network in order to subvert its hardware and software, all of which will likely benefit its largest competitor, either directly or indirectly. The NSA isn’t Cisco’s personal army, but their mutual goals (widespread Cisco deployment) are so closely aligned, the agency might as well be.

If the NSA has found any evidence that Huawei is operating on behalf of the Chinese government, now would be the time to make that information public. With Michelle Obama’s goodwill tour of China underway, it’s hardly beneficial for our surveillance hypocrisy to be on display (again).

Filed Under: china, economic espionage, espionage, nsa, surveillance
Companies: cisco, huawei

If The NSA Isn't Engaged In Economic Espionage, Why Is The USTR Considered 'A Customer' Of Intelligence?

from the simple-questions dept

We just had a story about how Australia used its equivalent of the NSA to do economic espionage for the sake of improving trade deals and helping private companies by passing along useful info they gleaned from spying on the Japanese. It had become so common that companies getting the info would joke that it had “fallen off the back of a truck.” Of course, many have argued that the US is obviously engaged in similar activity. The most damning evidence, of course, was the release a few months ago of details of how the NSA spied on Petrobas, the Brazilian oil giant.

The US has sworn up, down, left and right that it does not use the NSA for economic espionage. In August, the Department of Defense issued a statement to the Washington Post saying:

“The Department of Defense does engage” in computer network exploitation, according to an e-mailed statement from an NSA spokesman, whose agency is part of the Defense Department. “The department does ***not*** engage in economic espionage in any domain, including cyber.”

Those triple stars were in the original. That was before the Petrobas revelation. After that came out, Director of National Intelligence James Clapper tried to explain that away, arguing that it was not for economic espionage at all, but to get a better sense of whether there was an upcoming financial crisis.

What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of – or give intelligence we collect to – US companies to enhance their international competitiveness or increase their bottom line.

Of course, it’s a very blurry line between using that information to create policies that help US companies and just giving the information to them directly. Perhaps it’s true that the NSA doesn’t hand out the information it gleans from foreign companies directly to US companies to help them understand, say, how a foreign product is built — but reverse engineering is pretty good these days, so it’s doubtful that too many US companies need that kind of help anyway. Instead, it seems to be just as nefarious, and certainly a form of economic espionage, to use this information to create trade policies that clearly boost certain US interests.

But that’s certainly happening. The NY Times’ giant profile of the NSA’s activities that came out earlier this month included a list of “customers” for the NSA. Pay close attention to the last two on the list:

This huge investment in collection is driven by pressure from the agency’s “customers,” in government jargon, not only at the White House, Pentagon, F.B.I. and C.I.A., but also spread across the Departments of State and Energy, Homeland Security and Commerce, and the United States Trade Representative.

Now, one can make a (potentially compelling) argument that of course it’s US policy to try to improve situations for American companies. And that’s perfectly reasonable — but it seems like a clearly bogus argument for the NSA to say it “does not do economic espionage” just because it (allegedly) does not do one particular tidbit of economic espionage: directly handing companies information. If, instead, it’s spying on foreign companies and then providing that information to the USTR, you can assure that two things are happening: economic policies that help the special interests that have a close relationship with the USTR are getting extra favorable policies in their place, and some of that information is seeping out of the USTR to those companies anyway.

And we’ve already seen, repeatedly, how the USTR appears to have very cozy relations with certain legacy industries, while having almost no relationship at all with younger, more innovative industries. As such, not only is the NSA clearly engaged in economic espionage, it’s doing so to the detriment of actual innovation and economic growth, by using this information to prop up legacy industries, while handicapping the innovative industries.

Filed Under: australia, brazil, economic espionage, japan, nsa, surveillance, ustr
Companies: petrobas

Australia Spied On Japanese Companies To Help Its Industries Negotiate Trade Deals

from the not-many-terrorists-here dept

As more information comes to light about the global snooping being conducted by the NSA and GCHQ, it is becoming clearer that much of it had little to do with combating terrorism, as a recent EFF article makes plain. But most damaging to the idea that massive surveillance was justified, because it was to protect people from extreme threats, is the revelation that commercial espionage was also being conducted. So far, the chief example of that is in Brazil, but The Sydney Morning Herald (SMH) now has information about large-scale industrial spying on Japanese companies carried out by Australian secret services:

> BHP [BHP Billton — the world’s largest mining company] was among the companies helped by Australian spy agencies as they negotiated trade deals with Japan, a former Australian Secret Intelligence Service officer says. > > A former diplomat has also confirmed Australian intelligence agencies have long targeted Japanese companies. Writing in The Japan Times, Professor Gregory Clark said Australian companies were beneficiaries of intelligence operations. > > “In Australia, favoured firms getting spy material on Japanese contract policies and other business negotiations used to joke how [it had] ‘fallen off the back of a truck’,” Professor Clark wrote.

The article has more details, but doesn’t reveal how the materials were obtained. However, since Australia is part of the “Five Eyes” inner circle of snooping countries that also includes the US, UK, Canada and New Zealand, it seems likely that information of interest from those partners also found its way to Australian companies. SMH quotes Clark as saying:

> Business information is a main target for [intelligence] agencies

It will be interesting to see if later releases from Snowden’s hoard of documents show any evidence of this Australian use of NSA materials for industrial espionage.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: australia, economic espionage, gchq, nsa, surveillance
Companies: bhp billton

Latest Snowden Leaks Show GCHQ Gleefully Hacking Belgian Telco

from the this-pleases-the-spies dept

Another day, another report on a leaked Snowden document, this time showing how the UK’s GCHQ, using technology from the NSA, gleefully hacked into Belgian telco giant Belgacom’s system.

According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a “Quantum Insert” (“QI”). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them. Some of the employees whose computers were infiltrated had “good access” to important parts of Belgacom’s infrastructure, and this seemed to please the British spies, according to the slides.

The documents also suggest that GCHQ continued to probe the areas of infrastructure to which the targeted employees had access. The undated presentation states that they were on the verge of accessing the Belgians’ central roaming router. The router is used to process international traffic. According to the presentation, the British wanted to use this access for complex attacks (“Man in the Middle” attacks) on smartphone users. The head of GCHQ’s Network Analysis Centre (NAC) described Operation Socialist in the presentation as a “success.”

Once again, despite various denials, it appears that the NSA/GCHQ have been hacking into companies, rather than directly targeting individuals or terrorist organizations. This leads to questions about the possibility of economic espionage, but also about using these hacked systems for further attacks. As the report notes, this could be especially concerning, given that Belgacom serves the EU Parliament, the EU Council and the EU Commission — all of whom have been named as “targets” of the NSA (and, by extension, GCHQ, even as the UK is a member of the EU).

As I’ve said in the past, I’m a lot less disturbed by intelligence gathering on foreign politicians — that’s just standard every day expected espionage activity. However, hacking into companies to do that espionage begins to cross some very questionable lines that could lead to massive economic harm, as well as the ability to mask the surveillance by government agencies as somehow being the fault of those companies.

Filed Under: economic espionage, europe, gchq, hacking, nsa, surveillance
Companies: belgacom